package com.bbs.security;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.web.SecurityFilterChain;

//sercuity简单实践
@Configuration
public class SecurityConfiguration {
    //设置自定义过滤器链
    @Bean
    SecurityFilterChain securityFilterChain(HttpSecurity http) throws  Exception
    {
//        //TODO获得系统配置文件中的安全忽略URL列表，并且转化为数组，便于后续添加
//        //请求授权
//        //访问主页面的一律不阻止
//http.authorizeHttpRequests(registry->{
//    registry.requestMatchers("/login","api/**","/v3","swagger-ui.html").permitAll()
//        .anyRequest().authenticated()
//    ;
//}).formLogin((form)->{
//    form.loginPage("/login")
//            .permitAll();
//}).logout((logout)->logout.permitAll());

  //表单登录
       return  http.build();
    }
}
